In an earlier post I explained how to set up alerts for pre-Gen 10 HPE servers so you will know when something bad happens to your server. Things have changed starting with Gen 10. This post will walk through the new process.
Why use HPE server alerts?
One of the most important tools you have as a system administrator is the simple email alert. No matter what the problem is, it’s great to have a head start on fixing it before the phone starts ringing. In the case of HP servers you can get an email alert so you will have a head start on any problems that arise.
About The iLO
HPE servers up to Gen 9 used management agents on the operating system to monitor and send alerts, but going forward the alerts are sent by the iLO using an agentless service.
iLO is shorthand for “integrated lights-out”. Basically, this is an out of band management system that you can access over the network. It uses a dedicated Ethernet port so you can log in to the iLO from another computer on the network using a web browser. The iLO has its own IP address and you can set it to be static or check your DHCP for the IP it has been given.
Here are some documents from HPE that you may want to have a look at if you run into a problem not covered here:
If you like you can update the iLO firmware by downloading the installer.Click on Revision History and get newest version (should be the top one).
The iLO Advanced license
Alerts on Gen 10 servers require a special license, the iLO Advanced license. You can check your license by logging in to the iLO with your web browser and going to Information, then Overview. It will probably be the first page that comes up. Look at “License Type”. If yours says “iLO Advanced” you’re good to go. If it says” iLO Standard” you will need to purchase a license.
To quote HPE:
“With the release of Gen10 servers, iLO no longer supports OS-based SNMP agents. The System management Assistant (SMA) is an Agentless Management Service feature for users who want to run applications that obtain SNMP information from the OS. ”
Another advantage of the iLO Advanced license is that you can use the Remote Console in the iLO with no time limit. Without the license you only get like 3 minutes and then it locks you out. The Remote Console is basically Remote Desktop (RDP) through the iLO.
To check your license status log into the iLO by entering the iLO IP address into a web browser.
When you get in, right on the first page, next to “License Type” you should see if you have the license or not. If you already have the iLO Advanced license it will say “iLO Advanced”. Otherwise it would say “iLO Standard”.
You can obtain a license by registering the server with HPE, but you can also request a trial license.
Once you get your license log in to the iLO again and go to Administration, then Licensing.
You can just copy and paste your key into the first box and click the Install button. Easy.
Installing the SNMP Service Feature
To get the emails to us we need to install the System Network Management Protocol (SNMP) service. To do that, open Server Manager (it comes with Windows Server and usually starts automatically every time you log in) go to “Manage”, then “Add Roles and Features”. Choose “Role-based”, Next, select the local server, Next, Next, on the “Select Features” screen check the box next to “SNMP Service” and the one inside it, “SNMP WMI Provider”. You may be prompted to install “SNMP Tools”, too, if you don’t have it installed already. Get it, you’ll need it.
Configuring the SNMP Service
Now we need to configure SNMP to collect information from the server. Open Services.msc by searching in the Start menu or Windows key + R and entering Services.msc. Scroll down to “SNMP Services” and double-click on it to open the properties (or right-click and choose “properties”). In the security tab, click Add button under “Accepted community names”. There are two Add buttons on this tab so click the top one. Select Community rights as “READ ONLY”. Type “Public” for the Community Name and click Add.
If you don’t have the Security tab close Services.msc and restart it.
Click the same Add button again and create another Community Name called “Private”, but this time make the Rights “READ WRITE”.
Now we will tell the SNMP service who to accept packets from. With the “Accept SNMP packets from these hosts” radio button selected, click on the lower Add button now and enter 127.0.0.1 as the IP address. This is the localhost so the SNMP service will only be listening to this server we are working on. Click Add and then Apply.
With this done, go to the Traps tab in SNMP Service properties. You will have to type directly into the drop-down list because it doesn’t populate itself. Type “public” and now the “Add to list” button will be clickable. Click it. The drop-down list now has an entry for “public”. Click the “Add” button lower down the Traps tab and enter 127.0.0.1 and then click the Add button.
Click Apply and Ok.
Installing the Agentless Management Service
HPE’s pitch for this new way of managing server alerts seriously begins with “Tired of installing agents on your servers to monitor them?”, but in reality there is still one more service that you need to install: the “Agentless Management” service. Download it here. Make sure you get the new version under “Revision History”.
Download it and run it as administrator (from the right-click menu).
In this case I am upgrading because I already had an older version installed, but the process is almost identical except for the wording on this screen. Click Install.
Make sure the “Agentless Management” Service is running in services.msc
Configuring the iLO Settings
Your settings may end up being different than mine after this point depending on your domain and network settings. Also some older versions of iLO 5 look different or have different names for some of the fields. In these examples I am using version 1.46 of iLO 5.
Log in to the iLO in your browser. Go to “iLO Dedicated Network Port” on the left, then the “General” tab. Fill in your “iLO Subsytem Name (Hostname)”. I use “ILO-<servername>”. Fill in the domain name and check the “Use iLO Dedicated Network Port” checkbox and the “Automatic” radio button.
Click the “Apply” button. You will see a message that tells you to reset the iLO to get the changed to take effect. Do so now. You will be logged out for a minute while the iLO reboots.
Log back in the iLO and go to “iLO Dedicated Network Port” on the left, then the “IPv4” tab.
Turn DHCP off and specify a static IP address, subnet mask, and gateway. The only swtich that can be green is the “Other” switch that says “Ping Gateway on Startup”.
Don’t forget to “Apply” and “Reset iLO”.
Once the iLO comes back up log back in and go to
“iLO Dedicated Network Port”, IPv6 tab. Turn everything off. “Apply” and “Reset”.
Log back in and go to “Management” on the left and then the “SNMP Settings” tab.
Select the radio button next to “iLO Hostname” and click the switches for “iLO SNMP Alerts” and “Cold Start Trap Broadcast”. Click “Apply”.
Lower down on the same page, under “SNMP Alert Destinations, click the “New” button. Specify your SNMP server. I leave the “Trap Community” blank and use the default for the protocol. Click “Add” and leave evertything else on the “SNMP Settings” tab at the default value.
While still in the “Management” area, go to the “AlertMail” tab. Click the “Enable iLO AlertMail” switch and enter the “Recipient” email address that will receive the alerts, the “Sender” email address that has permission to send emails out, and the SMTP Server that will process the email. The port is probably going to be 25, the default SMTP port. I leave everything else off.
Sending a Test Alert
To send a generic test alert, log in to the iLO in your browser and go to “Management” on the left and then the “AlertMail” tab. Click the “Send Test AlertMail” button as seen in the previous image.
You should get an email like this:
If you got this email, then congratulations! If something goes wrong with the server you should get an email that tells you about it. It’s a good idea to log in to the iLO and send a test email once a month or so to make sure everything is still working. Sometimes a service will stop and you have to restart it manually.
If you didn’t get the email, double-check all the settings to make sure everything is correct and has been “applied”. If not, redo them and remember to apply and reset the iLO to save the changes. If that still doesn’t help make sure the SNMP and AMS services are running. It can’t hurt to go ahead and restart them even if they are. Your domain and network will be different than mine so there may also be additional DNS or Exchange settings for you to tweak.
There is a log in the iLO that might be able to tell you what went wrong. Go to “Information” on the left of the iLO browser interface and then the “iLO Event Log” tab.
Have fun and see you next time!